⚡ Webinar ▶ Level-Up SaaS Security: A Comprehensive Guide to ITDR and SSPM Save Your Seat
#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
CrowdSec

AitM Attack | Breaking Cybersecurity News | The Hacker News

Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

Aug 29, 2023 Online Security / Cyber Threat
Microsoft is warning of an increase in adversary-in-the-middle ( AiTM ) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services like PerSwaysion are incorporating AiTM capabilities. "This development in the PhaaS ecosystem enables attackers to conduct high-volume phishing campaigns that attempt to circumvent MFA protections at scale," the Microsoft Threat Intelligence team  said  in a series of posts on X (formerly Twitter). Phishing kits with AiTM capabilities work in two ways, one of which concerns the use of reverse proxy servers (i.e., the phishing page) to relay traffic to and from the client and legitimate website and stealthily capture user credentials, two-factor authentication codes, and session cookies. A second method involves synchronous relay servers. "In AiTM through synchronous relay s
New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

May 13, 2023
A new phishing-as-a-service (PhaaS or PaaS) platform named  Greatness  has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. "Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment and link builder that creates highly convincing decoy and login pages," Cisco Talos researcher Tiago Pereira  said . "It contains features such as having the victim's email address pre-filled and displaying their appropriate company logo and background image, extracted from the target organization's real Microsoft 365 login page." Campaigns involving Greatness have mainly manufacturing, health care, and technology entities located in the U.S., the U.K., Australia, South Africa, and Canada, with a spike in activity detected in December 2022 and March 2023. Phishing kits like Greatness offer t
cyber security

external linkFinally, Everyone Can (and Should) Ensure Essential SaaS Security

websiteWing SecuritySaaS Security / Compliance
This new product will help you achieve the baseline requirements for ensuring safe SaaS usage.
Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

Aug 03, 2022
A new, large-scale phishing campaign has been observed using adversary-in-the-middle (AitM) techniques to get around security protections and compromise enterprise email accounts. "It uses an adversary-in-the-middle (AitM) attack technique capable of bypassing multi-factor authentication," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu  said  in a Tuesday report. "The campaign is specifically designed to reach end users in enterprises that use Microsoft's email services." Prominent targets include fintech, lending, insurance, energy, manufacturing, and federal credit union verticals located in the U.S., U.K., New Zealand, and Australia. This is not the first time such a phishing attack has come to light. Last month, Microsoft  disclosed  that over 10,000 organizations had been targeted since September 2021 by means of AitM techniques to breach accounts secured with multi-factor authentication (MFA). The ongoing campaign, effective June 2022,
Cybersecurity Resources